There’s a lot of interest in FIM, and that’s great – but I worry about all the focus on the codeless sync rules, which I’m not a fan of. Meanwhile behind it we have the best, most efficient and most flexible sync engine out there, now in 64-bits, and ready to do all sorts of impressive feats of provisioning and synchronizing, if you just put the time into learning how to configure it properly. Continue reading ›
I’ve been having a bit of a play with the powershell interface to the FIM Portal. I wanted to pre-populate a demo environment with an interesting set of criteria-based Securoity and Distribution groups, but they get a bit tedious to create by hand, and I wanted to see if powershell was the answer.
I’m pretty pleased with the results. Both of the following scripts use a CSV to bulk-create the groups:
Create Security Groups based on Filters
Create Distribution Lists for Managers which contain all the people they manage
This got me out of a pickle today. A slip-up in a join rule caused hundreds of bad joins to be made. There were far too many to un-do by hand, but then I figured out I could add a few lines to the Provisioning Sub of the MVExtension to remove all the joins made in the past hour:
If mventry.ConnectedMAs(Ma Name).Connectors.Count > 0 _
AndAlso DateDiff(DateInterval.Hour, mventry.ConnectedMAs(Ma Name).Connectors.ByIndex(0).ConnectionChangeTime, Now) < 1 Then
mventry.ConnectedMAs(Ma Name).Connectors.ByIndex(0).Deprovision()
End If
Handy!
I just posted this article in the Greatest Hits series of the ILM Technet forum. It describes some of the methods and considerations around disabling and deleting users accounts with ILM.
Following on from my last post about the overlaps between FIM and Exchange 2010 I wanted to clarify for myself the group management capabilities in FIM, Exchange 2010 and ILM.
Warning: I will have to revisit this post – as I haven’t yet installed Exchange 2010 in a production environment the Exchange comments are based on reading rather than hands-on experience, and in particular I’m unsure about the management of email-enabled Security groups.
Continue reading ›
I’ve been getting myself up to speed on the new feaures of Exchange 2010, and some of them look a little familiar…
Next in my “Five things about FIM” posts – five things I have learnt about Management Policy Rules.
I’m having a big FIM week this week – in fact it’s more like a FIM Fortnight! I’ve delivered a three day training, demonstrated the product to a client, and I’m presenting FIM at a half-day seminar next week. (See here if you happen to be in Vaud, CH and you’d like to come.)
So while I’m doing and thinking all things FIM I’ve decided to start a little “Five things about” blog series on different aspects of the new platform. To start – some generalities about the FIM Portal (aka All The New Sharepointy Stuff).
I have just posted this article in the Greatest Hits series on the ILM Technet forum.
The article covers various management tasks you can acheive with the standard AD MA, including provisioning and updating of users, mailboxes, contacts and distribution groups. There are quite a few code samples as well. Continue reading ›
Quite unexpectedly this week, I got to genuinely use SCR “in anger” when I killed a client’s production Exchange 2007 server by attempting to install SP2 on it (for that whole sorry story see http://social.technet.microsoft.com/Forums/en/exchangesoftwareupdate/thread/713d2b17-f19d-4eaf-8146-c51f59942d08?prof=required). I’ll keep my swearing about SP2 off the page here and focus on the hero of the week – which was SCR!
